Juniper SRX Room for Improvement

Girish Vyas
Architect - Cloud Serviced at a comms service provider with 11-50 employees
IPS, or IDS services, need improvement. Their major problem is that you have to integrate it with MSN or web building services, you need to buy support for that and services but you cannot. The best thing that I see was a filtering service with custom categories that I can create. If I buy a license, I can integrate it with a different product, but their own web building services is poor. So they can improve web building services, as well as look for application awareness, and maybe, with IPS, they can have their own built-in services rather than integration with MSN for using IPS. There are three things that can be improved. IPS is one that I would definitely want to be improved. I would also like SSL VPN to be integrated. Other than that, I guess it's doing a firewall, so I would say it's cool. Next in features, I would want that to be included, along with SSL VPN, if possible. Other than that for the product, I don't think there's a need for doing anything with this. View full review »
Srengineer98987
Sr. Engineer at a comms service provider with 51-200 employees
We also use firewalls from FortiGate and Palo Alto and they're built with technology to make them next-generation firewalls. Juniper utilizes a router OS and includes enhancements to make it a firewall. But FortiGate and Palo Alto are full-on firewalls because they are built from scratch with features which are specific to firewalls. Juniper needs to enhance the solution so that it is more powerful. They need to update the administrative tools to create an easier admin experience. An average administrator would find it easier to configure if they could use https rather than the command line interface to do so. In addition, it would be more powerful if Juniper brought out a security product other than firewalls, like anti-spam, endpoint protection, etc. Customers who want to deploy security solutions are not just thinking about firewalls. They're thinking about security across their environment. If Juniper could give me a security solution, beyond the firewall, that integrates with the firewall, that would be helpful. Other products have built a security fabric. So if a customer already uses one of their solutions, like a firewall, they will be thinking about integrating with that vendor's other products. If there is more than just a firewall solution, they will use that same vendor's products throughout the security environment. A security fabric is more powerful than just blocking via network parameters. Juniper should have an end-to-end solution, from the endpoint to the network level. It would provide a more powerful security solution to the customer. Customers are looking for a holistic security solution. View full review »
Se32Ntwk2190
Senior Network Analyst with 1,001-5,000 employees
The CLI is verbose. You have to say a lot to do a little. I don't like that part of it. Cisco's command syntax seems to be a good bit more concise. When you're trying to get something done, you don't want to have to type a bunch. I wish there was a quicker way to configure through the CLI. I know all the tricks of hitting spacebar etc. to finish the command, and the context tricks of going further in. But it just reminds me of an older operating system, like VAX/VMS. It's just very verbose. Maybe this is where the Space Security Director product comes in, but we aren't quite using the Security Director in Space to its fullest yet. View full review »
Find out what your peers are saying about Juniper, Fortinet, Cisco and others in Firewalls. Updated: September 2019.
371,639 professionals have used our research since 2012.
RiskMana49f0
Risk Management and Security Governance at a comms service provider with 501-1,000 employees
The Juniper product has to improve in terms of innovation. It only has standard reports, such as memory capacity and data traffic. By comparison, the Check Point solution comes with great reports. Check Point tracks the logs, then analyses the logs and can tell you when you are under attack. Then, you can prevent it. With Juniper today, what you have in terms of log analysis is not so good. I think that they have another solution for this, but it is not embedded, and you have to purchase it separately. View full review »
ipmplspr538920
Security Governance at a comms service provider with 1,001-5,000 employees
The Juniper SRX product needs to improve in terms of innovation. E.g., Checkpoint comes with a monitoring solution embedded in its product, as well as providing good reports. Checkpoint also does analysis by tracking the logs and letting you know when you are under attack. What Juniper has today in comparison is not so good. Juniper only has limited reports, such as memory, capacity, data, and traffic. View full review »
Roger Bascom
Network Engineer at a financial services firm with 201-500 employees
Third-party support for Juniper is a lot less than Cisco. This is no surprise, but a definite consideration if you are expecting to use a lot of third party support. In my guesstimate, for every 100 Cisco shops, you will find one Juniper shop. View full review »
Darcy Hiebert
Network Architect - Contractor at TEML
In terms of improvement, it could use more on the security side. It's a good stable firewall, but it's nowhere near what it needs to be for a next-generation type firewall. They also need to improve their documentation. With Cisco, you can find lots of examples, but with Juniper, it is not always the case. One area that needs more focus is instruction on how to interoperate with other vendor's products. I would like to see documentation on running IPsec tables between Fortinet and Juniper or Cisco and Juniper because the information is not there. Their technical support also needs improvement, as they are lagging behind Cisco. View full review »
Bunyamin Bunyamin
Senior Network Security Engineer at Aplikas
Improvements can be made to the GUI. The GUI can be improved by creating policies to handle IPS requirements. The configuration should be a one-step process. This would make it easier to complete the setup to register the time of operation. View full review »
Reviewer893
Sr. Programmer at a tech vendor with 51-200 employees
It needs better interoperability with Cisco gear. View full review »
Amir Tofangsazi
CEO, Member of the Board at beh
The workplace management console needs improvement. It should be a little bit more developed. Also, the interface needs a bit more improvement. If the solution would have an intuitive interface would be much better because the work-based interface is not so perfectly developed and it's not ideal. It's not complete yet, and it makes it difficult for beginners and first-time users of this solution. As it is, for new users, it would make it very difficult for them to deploy this solution. Otherwise, the rest is fine. There's no other problem with it. View full review »
Mark Edward
Technical Support Engineer at a tech services company with 51-200 employees
I would like to see endpoint control and endpoint testing security. The GUI needs to be easier to handle. View full review »
Jérôme
Senior Network Engineer at a tech services company with 51-200 employees
The visibility/reporting could be better. To see something, you have to export the log to a syslog and then process with another product. View full review »
Ales Ciber
ICT System Specialist at a comms service provider with 1,001-5,000 employees
Web management needs to improve. The web interface on Juniper SRX is just a short conversion from Junos OS CLI; this is not very suitable for users with little expertise. But Juniper has complete MGMT for managing SRX devices and other Juniper devices. it' s called Junos Space with APP security director for security devices. It's good, but there is space for improvment. View full review »
Muhammad Atif Jauhar
Professional Services (Security) at Business Management Company
The solution previously had a Clientless SSL VPN, but it has been removed and I would like access to it again. The GUI needs improvement. I can work fine with the command line (CLI), but new people would like a better user interface. I would like to see an SSH VPN in the next release. View full review »
ANanonymous
Consumer Engineer at a comms service provider with 1,001-5,000 employees
The GUI needs to be easier and more helpful for users who don't have security experience. They need to add WAF management to the tool, as competitors already have it as part of their offerings. This feature is future of protecting enterprise solutions. View full review »
Tarek Menshawy
Senior Network and Security Consultant, JNCIE-SEC#408 at a financial services firm with 501-1,000 employees
It's not 100%, it's not a perfect product, some points need to be adjusted, need to be enhanced. View full review »
Tanzir Ahmed
Network Manager with 1-10 employees
I would like them to add a dashboard because it's difficult to operate. The product only has basic features. View full review »
Directser677
Technology Services Director at Blue Cube Security Ltd
The throughput when using features can be improved. 100-gigabit interfaces should be added into the next release because we'd like to adopt them. View full review »
Jean Almeida
Senior Network Analyst at a energy/utilities company with 10,001+ employees
It would be good if Junos had "unique commands" between all hierarchical levels, discarding the use of the "Run" command. The robustness of Linux on top of Junos can be more effective after power down. View full review »
Taiyoung Kim
Engineer with 11-50 employees
It could improve areas which need high performance. View full review »
Sashisekhar Panda
Chief Executive Officer with 51-200 employees
We are finding that the UTM features which is required (like an antivirus or URL filtering) are not available. We are now looking for the "Next Generation" of firewall protection. We need to be less vulnerable to attacks. In addition, we would really like to see an automated policy feature added. View full review »
Maroun Saamia
Principal Director of IT at a retailer with 1,001-5,000 employees
* Correct the bugs in the current version. * Help customers more with its configuration so they can feel safer. We tried configuring the IDS for more than four months, but it did not work properly. View full review »
Herve Yapi
User at UNACOOPEC
In terms of other features, I'd like to see a web filter, 10 point control, application control and DNA features in the next release. View full review »
Mark Fierens
GCD Network Architecture Manager at a media company with 1,001-5,000 employees
The device could be more user-friendly. View full review »
Find out what your peers are saying about Juniper, Fortinet, Cisco and others in Firewalls. Updated: September 2019.
371,639 professionals have used our research since 2012.
Sign Up with Email